X-Git-Url: http://www.chiark.greenend.org.uk/ucgi/~mdw/git/disorder/blobdiff_plain/78efa64e092d96e15dc40283b73f3af117b2d0a3..15091f766f1e8c380d2a7f752c387a2cecaf5bb1:/server/dcgi.c diff --git a/server/dcgi.c b/server/dcgi.c index b818883..15faf2f 100644 --- a/server/dcgi.c +++ b/server/dcgi.c @@ -1,6 +1,6 @@ /* * This file is part of DisOrder. - * Copyright (C) 2004, 2005, 2006, 2007 Richard Kettlewell + * Copyright (C) 2004-2008 Richard Kettlewell * * This program is free software; you can redistribute it and/or modify * it under the terms of the GNU General Public License as published by @@ -38,15 +38,13 @@ #include "mem.h" #include "vector.h" #include "sink.h" -#include "cgi.h" -#include "dcgi.h" +#include "server-cgi.h" #include "log.h" #include "configuration.h" #include "table.h" #include "queue.h" #include "plugin.h" #include "split.h" -#include "words.h" #include "wstat.h" #include "kvp.h" #include "syscalls.h" @@ -54,6 +52,14 @@ #include "regsub.h" #include "defs.h" #include "trackname.h" +#include "charset.h" +#include "dcgi.h" +#include "url.h" +#include "mime.h" +#include "sendmail.h" +#include "base64.h" + +char *login_cookie; static void expand(cgi_sink *output, const char *template, @@ -68,15 +74,23 @@ struct entry { const char *display; }; +static const char nonce_base64_table[] = + "ABCDEFGHIJKLMNOPQRSTUVWXYZabcdefghijklmnopqrstuvwxyz0123456789-/*"; + static const char *nonce(void) { - static unsigned long count; - char *s; - - byte_xasprintf(&s, "%lx%lx%lx", - (unsigned long)time(0), - (unsigned long)getpid(), - count++); - return s; + static uint32_t count; + + struct ndata { + uint16_t count; + uint16_t pid; + uint32_t when; + } nd; + + nd.count = count++; + nd.pid = (uint32_t)getpid(); + nd.when = (uint32_t)time(0); + return generic_to_base64((void *)&nd, sizeof nd, + nonce_base64_table); } static int compare_entry(const void *a, const void *b) { @@ -99,54 +113,53 @@ static const char *front_url(void) { return config->url; } +static void header_cookie(struct sink *output) { + struct dynstr d[1]; + struct url u; + + memset(&u, 0, sizeof u); + dynstr_init(d); + parse_url(config->url, &u); + if(login_cookie) { + dynstr_append_string(d, "disorder="); + dynstr_append_string(d, login_cookie); + } else { + /* Force browser to discard cookie */ + dynstr_append_string(d, "disorder=none;Max-Age=0"); + } + if(u.path) { + /* The default domain matches the request host, so we need not override + * that. But the default path only goes up to the rightmost /, which would + * cause the browser to expose the cookie to other CGI programs on the same + * web server. */ + dynstr_append_string(d, ";Version=1;Path="); + /* Formally we are supposed to quote the path, since it invariably has a + * slash in it. However Safari does not parse quoted paths correctly, so + * this won't work. Fortunately nothing else seems to care about proper + * quoting of paths, so in practice we get with it. (See also + * parse_cookie() where we are liberal about cookie paths on the way back + * in.) */ + dynstr_append_string(d, u.path); + } + dynstr_terminate(d); + cgi_header(output, "Set-Cookie", d->vec); +} + static void redirect(struct sink *output) { const char *back; - cgi_header(output, "Location", - (back = cgi_get("back")) ? back : front_url()); + back = cgi_get("back"); + cgi_header(output, "Location", back && *back ? back : front_url()); + header_cookie(output); cgi_body(output); } -static void lookups(dcgi_state *ds, unsigned want) { - unsigned need; - struct queue_entry *r, *rnext; - const char *dir, *re; - - if(ds->g->client && (need = want ^ (ds->g->flags & want)) != 0) { - if(need & DC_QUEUE) - disorder_queue(ds->g->client, &ds->g->queue); - if(need & DC_PLAYING) - disorder_playing(ds->g->client, &ds->g->playing); - if(need & DC_NEW) - disorder_new_tracks(ds->g->client, &ds->g->new, &ds->g->nnew, 0); - if(need & DC_RECENT) { - /* we need to reverse the order of the list */ - disorder_recent(ds->g->client, &r); - while(r) { - rnext = r->next; - r->next = ds->g->recent; - ds->g->recent = r; - r = rnext; - } - } - if(need & DC_VOLUME) - disorder_get_volume(ds->g->client, - &ds->g->volume_left, &ds->g->volume_right); - if(need & (DC_FILES|DC_DIRS)) { - if(!(dir = cgi_get("directory"))) - dir = ""; - re = cgi_get("regexp"); - if(need & DC_DIRS) - if(disorder_directories(ds->g->client, dir, re, - &ds->g->dirs, &ds->g->ndirs)) - ds->g->ndirs = 0; - if(need & DC_FILES) - if(disorder_files(ds->g->client, dir, re, - &ds->g->files, &ds->g->nfiles)) - ds->g->nfiles = 0; - } - ds->g->flags |= need; - } +static void expand_template(dcgi_state *ds, cgi_sink *output, + const char *action) { + cgi_header(output->sink, "Content-Type", "text/html"); + header_cookie(output->sink); + cgi_body(output->sink); + expand(output, action, ds); } /* actions ********************************************************************/ @@ -245,6 +258,7 @@ static void act_playing(cgi_sink *output, dcgi_state *ds) { byte_snprintf(r, sizeof r, "%ld;url=%s", refresh > 0 ? refresh : 1, front_url()); cgi_header(output->sink, "Refresh", r); + header_cookie(output->sink); cgi_body(output->sink); expand(output, "playing", ds); } @@ -311,9 +325,11 @@ static void act_volume(cgi_sink *output, dcgi_state *ds) { * URL) */ cgi_header(output->sink, "Location", (back = cgi_get("back")) ? back : volume_url()); + header_cookie(output->sink); cgi_body(output->sink); } else { cgi_header(output->sink, "Content-Type", "text/html"); + header_cookie(output->sink); cgi_body(output->sink); expand(output, "volume", ds); } @@ -361,8 +377,18 @@ static void process_prefs(dcgi_state *ds, int numfile) { disorder_unset(ds->g->client, file, "pick_at_random"); else disorder_set(ds->g->client, file, "pick_at_random", "0"); - if((value = numbered_arg("tags", numfile))) - disorder_set(ds->g->client, file, "tags", value); + if((value = numbered_arg("tags", numfile))) { + if(!*value) + disorder_unset(ds->g->client, file, "tags"); + else + disorder_set(ds->g->client, file, "tags", value); + } + if((value = numbered_arg("weight", numfile))) { + if(!*value || !strcmp(value, "90000")) + disorder_unset(ds->g->client, file, "weight"); + else + disorder_set(ds->g->client, file, "weight", value); + } } else if((name = cgi_get("name"))) { /* Raw preferences. Not well supported in the templates at the moment. */ value = cgi_get("value"); @@ -382,6 +408,7 @@ static void act_prefs(cgi_sink *output, dcgi_state *ds) { for(numfile = 0; numfile < nfiles; ++numfile) process_prefs(ds, numfile); cgi_header(output->sink, "Content-Type", "text/html"); + header_cookie(output->sink); cgi_body(output->sink); expand(output, "prefs", ds); } @@ -400,12 +427,228 @@ static void act_resume(cgi_sink *output, redirect(output->sink); } +static void act_login(cgi_sink *output, + dcgi_state *ds) { + const char *username, *password, *back; + disorder_client *c; + + username = cgi_get("username"); + password = cgi_get("password"); + if(!username || !password + || !strcmp(username, "guest")/*bodge to avoid guest cookies*/) { + /* We're just visiting the login page */ + expand_template(ds, output, "login"); + return; + } + /* We'll need a new connection as we are going to stop being guest */ + c = disorder_new(0); + if(disorder_connect_user(c, username, password)) { + cgi_set_option("error", "loginfailed"); + expand_template(ds, output, "login"); + return; + } + if(disorder_make_cookie(c, &login_cookie)) { + cgi_set_option("error", "cookiefailed"); + expand_template(ds, output, "login"); + return; + } + /* Use the new connection henceforth */ + ds->g->client = c; + ds->g->flags = 0; + /* We have a new cookie */ + header_cookie(output->sink); + cgi_set_option("status", "loginok"); + if((back = cgi_get("back")) && *back) + /* Redirect back to somewhere or other */ + redirect(output->sink); + else + /* Stick to the login page */ + expand_template(ds, output, "login"); +} + +static void act_logout(cgi_sink *output, + dcgi_state *ds) { + disorder_revoke(ds->g->client); + login_cookie = 0; + /* Reconnect as guest */ + disorder_cgi_login(ds, output); + /* Back to the login page */ + cgi_set_option("status", "logoutok"); + expand_template(ds, output, "login"); +} + +static void act_register(cgi_sink *output, + dcgi_state *ds) { + const char *username, *password, *password2, *email; + char *confirm, *content_type; + const char *text, *encoding, *charset; + + username = cgi_get("username"); + password = cgi_get("password1"); + password2 = cgi_get("password2"); + email = cgi_get("email"); + + if(!username || !*username) { + cgi_set_option("error", "nousername"); + expand_template(ds, output, "login"); + return; + } + if(!password || !*password) { + cgi_set_option("error", "nopassword"); + expand_template(ds, output, "login"); + return; + } + if(!password2 || !*password2 || strcmp(password, password2)) { + cgi_set_option("error", "passwordmismatch"); + expand_template(ds, output, "login"); + return; + } + if(!email || !*email) { + cgi_set_option("error", "noemail"); + expand_template(ds, output, "login"); + return; + } + /* We could well do better address validation but for now we'll just do the + * minimum */ + if(!strchr(email, '@')) { + cgi_set_option("error", "bademail"); + expand_template(ds, output, "login"); + return; + } + if(disorder_register(ds->g->client, username, password, email, &confirm)) { + cgi_set_option("error", "cannotregister"); + expand_template(ds, output, "login"); + return; + } + /* Send the user a mail */ + /* TODO templatize this */ + byte_xasprintf((char **)&text, + "Welcome to DisOrder. To active your login, please visit this URL:\n" + "\n" + "%s?c=%s\n", config->url, urlencodestring(confirm)); + if(!(text = mime_encode_text(text, &charset, &encoding))) + fatal(0, "cannot encode email"); + byte_xasprintf(&content_type, "text/plain;charset=%s", + quote822(charset, 0)); + sendmail("", config->mail_sender, email, "Welcome to DisOrder", + encoding, content_type, text); /* TODO error checking */ + /* We'll go back to the login page with a suitable message */ + cgi_set_option("status", "registered"); + expand_template(ds, output, "login"); +} + +static void act_confirm(cgi_sink *output, + dcgi_state *ds) { + const char *confirmation; + + if(!(confirmation = cgi_get("c"))) { + cgi_set_option("error", "noconfirm"); + expand_template(ds, output, "login"); + } + /* Confirm our registration */ + if(disorder_confirm(ds->g->client, confirmation)) { + cgi_set_option("error", "badconfirm"); + expand_template(ds, output, "login"); + } + /* Get a cookie */ + if(disorder_make_cookie(ds->g->client, &login_cookie)) { + cgi_set_option("error", "cookiefailed"); + expand_template(ds, output, "login"); + return; + } + /* Discard any cached data JIC */ + ds->g->flags = 0; + /* We have a new cookie */ + header_cookie(output->sink); + cgi_set_option("status", "confirmed"); + expand_template(ds, output, "login"); +} + +static void act_edituser(cgi_sink *output, + dcgi_state *ds) { + const char *email = cgi_get("email"), *password = cgi_get("changepassword1"); + const char *password2 = cgi_get("changepassword2"); + int newpassword = 0; + disorder_client *c; + + if((password && *password) || (password && *password2)) { + if(!password || !password2 || strcmp(password, password2)) { + cgi_set_option("error", "passwordmismatch"); + expand_template(ds, output, "login"); + return; + } + } else + password = password2 = 0; + + if(email) { + if(disorder_edituser(ds->g->client, disorder_user(ds->g->client), + "email", email)) { + cgi_set_option("error", "badedit"); + expand_template(ds, output, "login"); + return; + } + } + if(password) { + if(disorder_edituser(ds->g->client, disorder_user(ds->g->client), + "password", password)) { + cgi_set_option("error", "badedit"); + expand_template(ds, output, "login"); + return; + } + newpassword = 1; + } + if(newpassword) { + login_cookie = 0; /* it'll be invalid now */ + /* This is a bit duplicative of act_login() */ + c = disorder_new(0); + if(disorder_connect_user(c, disorder_user(ds->g->client), password)) { + cgi_set_option("error", "loginfailed"); + expand_template(ds, output, "login"); + return; + } + if(disorder_make_cookie(c, &login_cookie)) { + cgi_set_option("error", "cookiefailed"); + expand_template(ds, output, "login"); + return; + } + /* Use the new connection henceforth */ + ds->g->client = c; + ds->g->flags = 0; + /* We have a new cookie */ + header_cookie(output->sink); + } + cgi_set_option("status", "edited"); + expand_template(ds, output, "login"); +} + +static void act_reminder(cgi_sink *output, + dcgi_state *ds) { + const char *const username = cgi_get("username"); + + if(!username || !*username) { + cgi_set_option("error", "nousername"); + expand_template(ds, output, "login"); + return; + } + if(disorder_reminder(ds->g->client, username)) { + cgi_set_option("error", "reminderfailed"); + expand_template(ds, output, "login"); + return; + } + cgi_set_option("status", "reminded"); + expand_template(ds, output, "login"); +} + static const struct action { const char *name; void (*handler)(cgi_sink *output, dcgi_state *ds); } actions[] = { + { "confirm", act_confirm }, { "disable", act_disable }, + { "edituser", act_edituser }, { "enable", act_enable }, + { "login", act_login }, + { "logout", act_logout }, { "move", act_move }, { "pause", act_pause }, { "play", act_play }, @@ -413,6 +656,8 @@ static const struct action { { "prefs", act_prefs }, { "random-disable", act_random_disable }, { "random-enable", act_random_enable }, + { "register", act_register }, + { "reminder", act_reminder }, { "remove", act_remove }, { "resume", act_resume }, { "scratch", act_scratch }, @@ -421,41 +666,6 @@ static const struct action { /* expansions *****************************************************************/ -static void exp_include(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - expand(output, args[0], u); -} - -static void exp_server_version(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - const char *v; - - if(ds->g->client) { - if(disorder_version(ds->g->client, (char **)&v)) v = "(cannot get version)"; - } else - v = "(server not running)"; - cgi_output(output, "%s", v); -} - -static void exp_version(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", disorder_version_string); -} - -static void exp_nonce(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", nonce()); -} - static void exp_label(int attribute((unused)) nargs, char **args, cgi_sink *output, @@ -470,194 +680,6 @@ struct trackinfo_state { time_t when; }; -static void exp_who(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->track && ds->track->submitter) - cgi_output(output, "%s", ds->track->submitter); -} - -static void exp_length(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - long length = 0; - - if(ds->track - && (ds->track->state == playing_started - || ds->track->state == playing_paused) - && ds->track->sofar >= 0) - cgi_output(output, "%ld:%02ld/", - ds->track->sofar / 60, ds->track->sofar % 60); - length = 0; - if(ds->track) - disorder_length(ds->g->client, ds->track->track, &length); - else if(ds->tracks) - disorder_length(ds->g->client, ds->tracks[0], &length); - if(length) - cgi_output(output, "%ld:%02ld", length / 60, length % 60); - else - sink_printf(output->sink, "%s", " "); -} - -static void exp_when(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - const struct tm *w = 0; - - if(ds->track) - switch(ds->track->state) { - case playing_isscratch: - case playing_unplayed: - case playing_random: - if(ds->track->expected) - w = localtime(&ds->track->expected); - break; - case playing_failed: - case playing_no_player: - case playing_ok: - case playing_scratched: - case playing_started: - case playing_paused: - case playing_quitting: - if(ds->track->played) - w = localtime(&ds->track->played); - break; - } - if(w) - cgi_output(output, "%d:%02d", w->tm_hour, w->tm_min); - else - sink_printf(output->sink, " "); -} - -static void exp_part(int nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - const char *s, *track, *part, *context; - - if(nargs == 3) - track = args[2]; - else { - if(ds->track) - track = ds->track->track; - else if(ds->tracks) - track = ds->tracks[0]; - else - track = 0; - } - if(track) { - switch(nargs) { - case 1: - context = "display"; - part = args[0]; - break; - case 2: - case 3: - context = args[0]; - part = args[1]; - break; - default: - abort(); - } - if(disorder_part(ds->g->client, (char **)&s, track, context, part)) - fatal(0, "disorder_part() failed"); - cgi_output(output, "%s", s); - } else - sink_printf(output->sink, " "); -} - -static void exp_playing(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - dcgi_state s; - - lookups(ds, DC_PLAYING); - memset(&s, 0, sizeof s); - s.g = ds->g; - if(ds->g->playing) { - s.track = ds->g->playing; - expandstring(output, args[0], &s); - } -} - -static void exp_queue(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - dcgi_state s; - struct queue_entry *q; - - lookups(ds, DC_QUEUE); - memset(&s, 0, sizeof s); - s.g = ds->g; - s.first = 1; - for(q = ds->g->queue; q; q = q->next) { - s.last = !q->next; - s.track = q; - expandstring(output, args[0], &s); - s.index++; - s.first = 0; - } -} - -static void exp_recent(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - dcgi_state s; - struct queue_entry *q; - - lookups(ds, DC_RECENT); - memset(&s, 0, sizeof s); - s.g = ds->g; - s.first = 1; - for(q = ds->g->recent; q; q = q->next) { - s.last = !q; - s.track = q; - expandstring(output, args[0], &s); - s.index++; - s.first = 0; - } -} - -static void exp_new(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - dcgi_state s; - - lookups(ds, DC_NEW); - memset(&s, 0, sizeof s); - s.g = ds->g; - s.first = 1; - for(s.index = 0; s.index < ds->g->nnew; ++s.index) { - s.last = s.index + 1 < ds->g->nnew; - s.tracks = &ds->g->new[s.index]; - expandstring(output, args[0], &s); - s.first = 0; - } -} - -static void exp_url(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", config->url); -} - struct result { char *track; const char *sort; @@ -739,16 +761,6 @@ static void exp_search(int nargs, assert(substate.last != 0); } -static void exp_arg(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - const char *v; - - if((v = cgi_get(args[0]))) - cgi_output(output, "%s", v); -} - static void exp_stats(int attribute((unused)) nargs, char attribute((unused)) **args, cgi_sink *output, @@ -764,60 +776,6 @@ static void exp_stats(int attribute((unused)) nargs, cgi_closetag(output->sink, "pre"); } -static void exp_volume(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - lookups(ds, DC_VOLUME); - if(!strcmp(args[0], "left")) - cgi_output(output, "%d", ds->g->volume_left); - else - cgi_output(output, "%d", ds->g->volume_right); -} - -static void exp_shell(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - int w, p[2], n; - char buffer[4096]; - pid_t pid; - - xpipe(p); - if(!(pid = xfork())) { - exitfn = _exit; - xclose(p[0]); - xdup2(p[1], 1); - xclose(p[1]); - execlp("sh", "sh", "-c", args[0], (char *)0); - fatal(errno, "error executing sh"); - } - xclose(p[1]); - while((n = read(p[0], buffer, sizeof buffer))) { - if(n < 0) { - if(errno == EINTR) continue; - else fatal(errno, "error reading from pipe"); - } - output->sink->write(output->sink, buffer, n); - } - xclose(p[0]); - while((n = waitpid(pid, &w, 0)) < 0 && errno == EINTR) - ; - if(n < 0) fatal(errno, "error calling waitpid"); - if(w) - error(0, "shell command '%s' %s", args[0], wstat(w)); -} - -static inline int str2bool(const char *s) { - return !strcmp(s, "true"); -} - -static inline const char *bool2str(int n) { - return n ? "true" : "false"; -} - static char *expandarg(const char *arg, dcgi_state *ds) { struct dynstr d; cgi_sink output; @@ -830,184 +788,6 @@ static char *expandarg(const char *arg, dcgi_state *ds) { return d.vec; } -static void exp_prefs(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - dcgi_state substate; - struct kvp *k; - const char *file = expandarg(args[0], ds); - - memset(&substate, 0, sizeof substate); - substate.g = ds->g; - substate.first = 1; - if(disorder_prefs(ds->g->client, file, &k)) return; - while(k) { - substate.last = !k->next; - substate.pref = k; - expandstring(output, args[1], &substate); - ++substate.index; - k = k->next; - substate.first = 0; - } -} - -static void exp_pref(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - char *value; - dcgi_state *ds = u; - - if(!disorder_get(ds->g->client, args[0], args[1], &value)) - cgi_output(output, "%s", value); -} - -static void exp_if(int nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int n = str2bool(expandarg(args[0], ds)) ? 1 : 2; - - if(n < nargs) - expandstring(output, args[n], ds); -} - -static void exp_and(int nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int n, result = 1; - - for(n = 0; n < nargs; ++n) - if(!str2bool(expandarg(args[n], ds))) { - result = 0; - break; - } - sink_printf(output->sink, "%s", bool2str(result)); -} - -static void exp_or(int nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int n, result = 0; - - for(n = 0; n < nargs; ++n) - if(str2bool(expandarg(args[n], ds))) { - result = 1; - break; - } - sink_printf(output->sink, "%s", bool2str(result)); -} - -static void exp_not(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - sink_printf(output->sink, "%s", bool2str(!str2bool(args[0]))); -} - -static void exp_isplaying(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - lookups(ds, DC_PLAYING); - sink_printf(output->sink, "%s", bool2str(!!ds->g->playing)); -} - -static void exp_isqueue(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - lookups(ds, DC_QUEUE); - sink_printf(output->sink, "%s", bool2str(!!ds->g->queue)); -} - -static void exp_isrecent(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - lookups(ds, DC_RECENT); - sink_printf(output->sink, "%s", bool2str(!!ds->g->recent)); -} - -static void exp_isnew(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - lookups(ds, DC_NEW); - sink_printf(output->sink, "%s", bool2str(!!ds->g->nnew)); -} - -static void exp_id(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->track) - cgi_output(output, "%s", ds->track->id); -} - -static void exp_track(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->track) - cgi_output(output, "%s", ds->track->track); -} - -static void exp_parity(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - cgi_output(output, "%s", ds->index % 2 ? "odd" : "even"); -} - -static void exp_comment(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink attribute((unused)) *output, - void attribute((unused)) *u) { - /* do nothing */ -} - -static void exp_prefname(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->pref && ds->pref->name) - cgi_output(output, "%s", ds->pref->name); -} - -static void exp_prefvalue(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->pref && ds->pref->value) - cgi_output(output, "%s", ds->pref->value); -} - static void exp_isfiles(int attribute((unused)) nargs, char attribute((unused)) **args, cgi_sink *output, @@ -1086,57 +866,6 @@ static void exp_file(int attribute((unused)) nargs, cgi_output(output, "%s", ds->tracks[0]); } -static void exp_transform(int nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - const char *context = nargs > 2 ? args[2] : "display"; - - cgi_output(output, "%s", trackname_transform(args[1], args[0], context)); -} - -static void exp_urlquote(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", urlencodestring(args[0])); -} - -static void exp_scratchable(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - dcgi_state *ds = u; - int result; - - if(config->restrictions & RESTRICT_SCRATCH) { - lookups(ds, DC_PLAYING); - result = (ds->g->playing - && (!ds->g->playing->submitter - || !strcmp(ds->g->playing->submitter, - disorder_user(ds->g->client)))); - } else - result = 1; - sink_printf(output->sink, "%s", bool2str(result)); -} - -static void exp_removable(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - dcgi_state *ds = u; - int result; - - if(config->restrictions & RESTRICT_REMOVE) - result = (ds->track - && ds->track->submitter - && !strcmp(ds->track->submitter, - disorder_user(ds->g->client))); - else - result = 1; - sink_printf(output->sink, "%s", bool2str(result)); -} - static void exp_navigate(int attribute((unused)) nargs, char **args, cgi_sink *output, @@ -1206,138 +935,6 @@ static void exp_dirname(int nargs, cgi_output(output, "%.*s", ds->nav_dirlen, ds->nav_path); } -static void exp_eq(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", bool2str(!strcmp(args[0], args[1]))); -} - -static void exp_ne(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - cgi_output(output, "%s", bool2str(strcmp(args[0], args[1]))); -} - -static void exp_enabled(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int enabled = 0; - - if(ds->g->client) - disorder_enabled(ds->g->client, &enabled); - cgi_output(output, "%s", bool2str(enabled)); -} - -static void exp_random_enabled(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int enabled = 0; - - if(ds->g->client) - disorder_random_enabled(ds->g->client, &enabled); - cgi_output(output, "%s", bool2str(enabled)); -} - -static void exp_trackstate(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - struct queue_entry *q; - char *track; - - if(disorder_resolve(ds->g->client, &track, args[0])) return; - lookups(ds, DC_QUEUE|DC_PLAYING); - if(ds->g->playing && !strcmp(ds->g->playing->track, track)) - cgi_output(output, "playing"); - else { - for(q = ds->g->queue; q && strcmp(q->track, track); q = q->next) - ; - if(q) - cgi_output(output, "queued"); - } -} - -static void exp_thisurl(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - kvp_set(&cgi_args, "nonce", nonce()); /* nonces had better differ! */ - cgi_output(output, "%s?%s", config->url, kvp_urlencode(cgi_args, 0)); -} - -static void exp_isfirst(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - sink_printf(output->sink, "%s", bool2str(!!ds->first)); -} - -static void exp_islast(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - sink_printf(output->sink, "%s", bool2str(!!ds->last)); -} - -static void exp_action(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void attribute((unused)) *u) { - const char *action = cgi_get("action"), *mgmt; - - if(!action) action = "playing"; - if(!strcmp(action, "playing") - && (mgmt = cgi_get("mgmt")) - && !strcmp(mgmt, "true")) - action = "manage"; - sink_printf(output->sink, "%s", action); -} - -static void exp_resolve(int attribute((unused)) nargs, - char **args, - cgi_sink *output, - void attribute((unused)) *u) { - dcgi_state *ds = u; - char *track; - - if(!disorder_resolve(ds->g->client, &track, args[0])) - sink_printf(output->sink, "%s", track); -} - -static void exp_paused(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - int paused = 0; - - lookups(ds, DC_PLAYING); - if(ds->g->playing && ds->g->playing->state == playing_paused) - paused = 1; - cgi_output(output, "%s", bool2str(paused)); -} - -static void exp_state(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - if(ds->track) - cgi_output(output, "%s", playing_states[ds->track->state]); -} - static void exp_files(int attribute((unused)) nargs, char **args, cgi_sink *output, @@ -1373,15 +970,6 @@ static void exp_files(int attribute((unused)) nargs, } } -static void exp_index(int attribute((unused)) nargs, - char attribute((unused)) **args, - cgi_sink *output, - void *u) { - dcgi_state *ds = u; - - cgi_output(output, "%d", ds->index); -} - static void exp_nfiles(int attribute((unused)) nargs, char attribute((unused)) **args, cgi_sink *output, @@ -1398,6 +986,26 @@ static void exp_nfiles(int attribute((unused)) nargs, cgi_output(output, "1"); } +static void exp_image(int attribute((unused)) nargs, + char **args, + cgi_sink *output, + void attribute((unused)) *u) { + char *labelname; + const char *imagestem; + + byte_xasprintf(&labelname, "images.%s", args[0]); + if(cgi_label_exists(labelname)) + imagestem = cgi_label(labelname); + else if(strchr(args[0], '.')) + imagestem = args[0]; + else + byte_xasprintf((char **)&imagestem, "%s.png", args[0]); + if(cgi_label_exists("url.static")) + cgi_output(output, "%s/%s", cgi_label("url.static"), imagestem); + else + cgi_output(output, "/disorder/%s", imagestem); +} + static const struct cgi_expansion expansions[] = { { "#", 0, INT_MAX, EXP_MAGIC, exp_comment }, { "action", 0, 0, 0, exp_action }, @@ -1405,6 +1013,7 @@ static const struct cgi_expansion expansions[] = { { "arg", 1, 1, 0, exp_arg }, { "basename", 0, 1, 0, exp_basename }, { "choose", 2, 2, EXP_MAGIC, exp_choose }, + { "define", 3, 3, EXP_MAGIC, exp_define }, { "dirname", 0, 1, 0, exp_dirname }, { "enabled", 0, 0, 0, exp_enabled }, { "eq", 2, 2, 0, exp_eq }, @@ -1413,6 +1022,7 @@ static const struct cgi_expansion expansions[] = { { "fullname", 0, 0, 0, exp_fullname }, { "id", 0, 0, 0, exp_id }, { "if", 2, 3, EXP_MAGIC, exp_if }, + { "image", 1, 1, 0, exp_image }, { "include", 1, 1, 0, exp_include }, { "index", 0, 0, 0, exp_index }, { "isdirectories", 0, 0, 0, exp_isdirectories }, @@ -1425,6 +1035,7 @@ static const struct cgi_expansion expansions[] = { { "isrecent", 0, 0, 0, exp_isrecent }, { "label", 1, 1, 0, exp_label }, { "length", 0, 0, 0, exp_length }, + { "movable", 0, 0, 0, exp_movable }, { "navigate", 2, 2, EXP_MAGIC, exp_navigate }, { "ne", 2, 2, 0, exp_ne }, { "new", 1, 1, EXP_MAGIC, exp_new }, @@ -1445,6 +1056,7 @@ static const struct cgi_expansion expansions[] = { { "recent", 1, 1, EXP_MAGIC, exp_recent }, { "removable", 0, 0, 0, exp_removable }, { "resolve", 1, 1, 0, exp_resolve }, + { "right", 1, 3, EXP_MAGIC, exp_right }, { "scratchable", 0, 0, 0, exp_scratchable }, { "search", 2, 3, EXP_MAGIC, exp_search }, { "server-version", 0, 0, 0, exp_server_version }, @@ -1457,6 +1069,8 @@ static const struct cgi_expansion expansions[] = { { "transform", 2, 3, 0, exp_transform }, { "url", 0, 0, 0, exp_url }, { "urlquote", 1, 1, 0, exp_urlquote }, + { "user", 0, 0, 0, exp_user }, + { "userinfo", 1, 1, 0, exp_userinfo }, { "version", 0, 0, 0, exp_version }, { "volume", 1, 1, 0, exp_volume }, { "when", 0, 0, 0, exp_when }, @@ -1486,19 +1100,25 @@ static void perform_action(cgi_sink *output, dcgi_state *ds, const char *action) { int n; + /* We don't ever want anything to be cached */ + cgi_header(output->sink, "Cache-Control", "no-cache"); if((n = TABLE_FIND(actions, struct action, name, action)) >= 0) actions[n].handler(output, ds); - else { - cgi_header(output->sink, "Content-Type", "text/html"); - cgi_body(output->sink); - expand(output, action, ds); - } + else + expand_template(ds, output, action); } void disorder_cgi(cgi_sink *output, dcgi_state *ds) { const char *action = cgi_get("action"); - if(!action) action = "playing"; + if(!action) { + /* We allow URLs which are just confirm=... in order to keep confirmation + * URLs, which are user-facing, as short as possible. */ + if(cgi_get("c")) + action = "confirm"; + else + action = "playing"; + } perform_action(output, ds, action); } @@ -1508,6 +1128,22 @@ void disorder_cgi_error(cgi_sink *output, dcgi_state *ds, perform_action(output, ds, "error"); } +/** @brief Log in as the current user or guest if none */ +void disorder_cgi_login(dcgi_state *ds, cgi_sink *output) { + /* Create a new connection */ + ds->g->client = disorder_new(0); + /* Forget everything we knew */ + ds->g->flags = 0; + /* Reconnect */ + if(disorder_connect_cookie(ds->g->client, login_cookie)) { + disorder_cgi_error(output, ds, "connect"); + exit(0); + } + /* If there was a cookie but it went bad, we forget it */ + if(login_cookie && !strcmp(disorder_user(ds->g->client), "guest")) + login_cookie = 0; +} + /* Local Variables: c-basic-offset:2